IBM's homomorphic encryption accelerated to run 75 times faster

It lets you work on encrypted data without taking it to plaintext and back again


IBM has rewritten its C++ homomorphic encryption library and claims it now goes up to 75 times faster.

Homomorphic encryption is a technique used to operate on encrypted data without decrypting it. This would make sensitive operations much more secure: for example, companies could encrypt their cloud-hosted databases, and work on them without converting records back to plaintext.

IBM has worked on homomorphic encryption for some time, and released the first version of its HElib C++ library three years ago, but as we reported in 2016, the technology has always suffered huge performance penalties.

IBM's first attempts at homomorphic encryption, under the hand of its inventor Craig Gentry, ran “100 trillion times” slower than plaintext operations. It was later accelerated by a factor of two million, running on a 16-core server.


Hence Big Blue's ongoing work on HElib. Released on GitHub, the latest version gets its performance kick from a “re-implementation of homomorphic linear transformations”, making it between 15 and 75 times faster.

In this paper at the International Association for Cryptologic Research, IBM's Shai Halevi and Victor Shoup (the latter also with New York University) explain how they improved speed.

“In the linear transformation algorithms currently implemented in HElib, the bulk of the time is spent moving data among the slots in the encrypted vector,” they wrote.

This is done with “special automorphisms” (a mathematical operation that maps an object to itself), and the computational cost comes from how many times the automorphisms have to loop around.

“The main cost of applying such an automorphism to a ciphertext is actually that of “key switching”: after applying the automorphism to each ring element in the ciphertext (which is actually a very cheap operation), we end up with an encryption relative to the “wrong” secret key; by using data in the public key specific to this particular automorphism — a so-called “key switching matrix” — we can convert the ciphertext back to one that is an encryption relative to the “right” secret key,” the paper said.

“So the main goals in improving performance are to reduce the number of automorphisms, and to reduce the cost of each automorphism.”

In more accessible English, the new library implements a new strategy for calculating those automorphisms (achieving between 15 and 20 times speedup); the researchers refactored many of the necessary computations; and some of the calculations are shifted out of the library's main loop (getting a 6-8 times speedup).
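To make the cost model concrete, here is an added plaintext simulation (not HElib code and not taken from the paper) of a matrix-vector product built only from slot-wise multiply/add and slot rotations, counting each rotation as one automorphism plus key switch. The names `rotate_ct`, `matvec_rot` and `rotations_used` and the 16x16 input are assumptions made for the illustration, and the baby-step/giant-step grouping is shown as a generic way to cut the rotation count, not as the paper's exact algorithm.

```cpp
#include <cstddef>
#include <vector>
using Vec = std::vector<long>;
using Mat = std::vector<Vec>;
static int g_rotations = 0;  // each one models an automorphism plus a key switch

// Rotate the slots of the simulated ciphertext: out[i] = v[(i + k) mod n].
Vec rotate_ct(const Vec& v, std::size_t k) {
    std::size_t n = v.size();
    Vec out(n);
    for (std::size_t i = 0; i < n; ++i) out[i] = v[(i + k) % n];
    if (k % n != 0) ++g_rotations;  // rotating by 0 needs no automorphism
    return out;
}

// M*v from slot-wise multiply/add and rotations only, with n = b * g.
// b = 1 rotates once per matrix diagonal; b > 1 is baby-step/giant-step.
// M is plaintext, so reading its (pre-shifted) diagonals costs no rotation.
Vec matvec_rot(const Mat& M, const Vec& v, std::size_t b) {
    std::size_t n = v.size(), g = n / b;
    std::vector<Vec> baby(b);
    for (std::size_t j = 0; j < b; ++j) baby[j] = rotate_ct(v, j);  // b - 1 rotations
    Vec acc(n, 0);
    for (std::size_t s = 0; s < g; ++s) {
        Vec inner(n, 0);
        for (std::size_t j = 0; j < b; ++j)
            for (std::size_t i = 0; i < n; ++i) {
                std::size_t r = (i + n - s * b) % n;  // diagonal shifted right by s*b
                inner[i] += M[r][(r + s * b + j) % n] * baby[j][i];
            }
        Vec shifted = rotate_ct(inner, s * b);  // g - 1 rotations in total
        for (std::size_t i = 0; i < n; ++i) acc[i] += shifted[i];
    }
    return acc;
}

// Constructed 16x16 input: returns rotations used, or -1 if the result
// differs from the ordinary matrix-vector product.
int rotations_used(std::size_t b) {
    const std::size_t n = 16;
    Mat M(n, Vec(n));
    Vec v(n), want(n, 0);
    for (std::size_t i = 0; i < n; ++i) {
        v[i] = static_cast<long>(3 * i + 1);
        for (std::size_t j = 0; j < n; ++j) M[i][j] = static_cast<long>((7 * i + 5 * j) % 11);
    }
    for (std::size_t i = 0; i < n; ++i)
        for (std::size_t j = 0; j < n; ++j) want[i] += M[i][j] * v[j];
    g_rotations = 0;
    return matvec_rot(M, v, b) == want ? g_rotations : -1;
}
```

With 16 slots, `rotations_used(1)` needs 15 rotations while `rotations_used(4)` gets the same product with 6, which is the kind of saving that matters when every rotation carries a key switch.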

The way public keys are constructed for homomorphic encryption is also expensive because of the aforementioned key-switching matrix. Each matrix adds several megabytes to the public key, and in HElib there could be several hundred such matrices in a public key. The researchers say for common operations, they were able to cut the size of the matrix by 33-50 per cent.

HElib is still a research-level project. As stated on the GitHub page: “At its present state, this library is mostly meant for researchers working on HE and its uses. Also currently it is fairly low-level, and is best thought of as 'assembly language for HE'. That is, it provides low-level routines (set, add, multiply, shift, etc.), with as much access to optimisations as we can give. Hopefully in time we will be able to provide higher-level routines.” ®
